Security Vulnerability: gopkg.in/yaml.v3

[sanjayjohn]

gopkg.in/yaml.v3 is a YAML support package for the Go language.

Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.

v0.10.0 is still on an outdated version: https://github.com/slok/go-http-metrics/blob/v0.10.0/go.mod#L59